The Authors of this blog are Ms. Muskan Pipania & Mr. Prakhyat Gargasyastudents of 5th year, BA LLB(H) at Dr. Ram Manohar Lohiya National Law University, Lucknow


Cyber crimes and its types

As the nation has encountered technological innovation over the last two decades, the use and misuse of the Internet also spread across the nation.

With India becoming the second largest online market with over 560 Million internet users, ranked after China[1], new criminal opportunities also emerged. The most common crimes include Email and internet fraud, identity theft, traffic in child pornography and intellectual property, cyber extortion, crypto-jacking etc. Such criminal activities either targets or uses a computer, a computer network or a networked device, and commonly known as Cybercrimes or Computer Crimes.

Cybercrimes can be classified into numerous forms, some of which are:

1.      Cyber extortion- A crime involving an assault or attack or threat combined with a demand for money. One type of cyber-extortion is the ransomware assault, in which the assailant accesses an organization's systems and encodes/encrypts its documents and files making the data inaccessible or unavailable until a ransom is paid, mostly in form of crypto currency, for example bit coin.

2.      Crypto jacking- An attack that uses scripts to mine digital currencies i.e. crypto currencies within browsers without the user's assent. Crypto jacking involves loading crypto currency mining software to the victim's system. Nonetheless, numerous attacks rely upon JavaScript code that does in-browser mining if the user's browser has a tab or window open on the malicious or pernicious site; no malware is needed to be installed because loading the affected page executes the in-browser mining code.

3.      Cyberespionage- Such a crime involves a cybercriminal who hacks into systems to gain access to confidential information held by a government or other organization. Cyberespionage activities can include every type of cyber attack to accumulate, change or obliterate data, as well as using network-associated devices, such as webcams or closed-circuit TV (CCTV) cameras, to keep an eye on a targeted individual or groups and monitoring or checking communications, including emails, text messages and instant messages.

4.      Exit Scam- The dark web has given rise to the digital version of an old crime known as the exit scam. Presently, dark web administrators divert virtual currency held in marketplace escrow accounts to their own accounts, basically, criminals stealing from other criminals.

Cyber Laws v Cyber Crimes

The term ‘Cybercrime’ is not per se defined anywhere in India, neither in Information Technology Act, 2000 nor in the IT Amendment Act, 2008, nor in any other legislation. However, most of such crimes are listed under the IT Act, 2008

The Information Technology Act was enacted by the Indian Parliament on 17th October, 2000 and is the primary law in India dealing with offences related cybercrime and electronic commerce. Basically, the act is based the United Nations Model Law on Electronic Commerce 1996 (UNCITRAL Model) recommended by the General Assembly of United Nations.

Despite rapid changes in technology, IT Act has hardly changed over the last decade.  However, offences like hacking, data theft, virus attack, forging a credit or debit card or fraudulent intent to cause wrongful loss or gain could be prosecuted under the provisions of Indian Penal Code, 1860.

Regarding the need of change in the IT Act, cyber expert Anil Raj of Cyber vault Security Solutions Pvt. Ltd said, “It has been observed that the pace of cybercrime has definitely increased”, furthermore, he added that “We have Artificial Intelligence, Cloud Computing, Internet of Things coming into the image. The cyber network has expanded, hence, the chance of vulnerability to be exploited by fraudsters also increased and so the act ought to have more changes so that there are No legal loopholes[2].”

According to the data shared by CERT-IN, an organization of Ministry of Electronics and Information Technology, Government of India showed that total cyber security incidents handled by them increased from 2,565 in 2008 to 53,117 in 2017 and finally 3,94,499 in 2019; in which incidents related Unauthorized Network Scanning/Probing increased from 9,383 in 2017 to 3,05,276 in 2019.[3]

It has been seen that if provisions under Indian Legislations regarding cybercrime are compared with any other country, one would come to the conclusion that India does not have strict laws for cybercrime. For instance, In India, punishment for Child Pornography under Protection of Children from Sexual Offences (POCSO) Act, 2012 is term not exceeding five years, whereas, in USA, the minimum statutory punishment (for the same offence) is imprisonment for fifteen to thirty years.

While a total sum of 21,796 crimes were recorded under both Indian Penal Code, 1860 and Information Technology Act, 2000 in 2017, the number has increased to 27,248 in the year of 2018; Harold D’Costa, a cyber expert stressed on the need to have special courts or Tribunals and a need for making such offences Non-Bailable with higher penalties.

The primary reason which was observed behind fewer convictions of crimes is the lack of Standard operating procedures for Search, Seizure and forensic examination of digital evidence.

Moreover, being non-local in character i.e. such computer crimes can occur in jurisdictions separated by vast distances. This poses severe problems for law enforcement. Many a times, thought, the investigating agencies do all the right things and follow all the standard procedures, these cases are difficult to crack. For example, crimes which extends beyond the boundaries of a country - obtaining court orders in different jurisdictions and following every legal assistance treaty signed by India with other countries, in most of the cases leads to cases remaining stagnant for years on end.

What Can You Do To Protect Yourself?

1.      It is always suggested to keep your software and operating system up-to date. This ensures that you latest security patches to protect your computer.

2.      Use anti-virus or a comprehensive internet security solution. This helps to protect your computer and data from crimes as it scans, detects and removes threats before they become a problem.

3.      Use strong passwords or passcodes.

4.      Never open an attachment in spam emails or on untrusted websites. It is a classic way in which computers get infected by malware attacks and other forms of cybercrimes.

5.      Never give out personal information unless it is in secure network.

6.      Always be mindful of which website URLs you visit.

7.      Whenever possible, use two-factor authentication.


Information technology has spread through the world. Computer is utilized in every sector wherein cyberspace or the internet gives equal opportunities to all, for economic growth and human development. As the use of internet grows the range of online interaction also expands, there is expansion and development in the cyber crimes i.e. breach of online contracts, execution of online torts etc. In the modern and advanced cyber technology world, it is particularly important to adopt a stricter law by the cyber space authority in order to regulate criminal activities and to provide better administration of justice to the victim of such crimes. Although, enactment of Information Technology Act, 2000 and Information Technology Amendment Act, 2008 is a milestone in the technological development and growth of the country; however, the current and existing laws is not sufficed. Numerous issues in cyber crimes are still left uncovered.

[1]Sandhya Keelery, “Internet Usage in India- Statistics & facts”, Statista, Jul 7, 2020.

[2]Sunil Pradhan, “IT Act outdated, needs changes due to new tech”, Sakal Times, Jan. 2, 2019.

[3]Indian Computer Emergency Response Team, Ministry of Electronic & Information Technology, Government of India, available at: (Visited on Aug 31, 2020).